Connect with us
Client Portals
The Kentucky Consumer Data Protection Act (KCDPA), which recently took effect, introduces new rights for consumers and obligations for businesses handling personal data. It grants individuals rights to access, correct, delete, and obtain copies of their data, as well…
Data inventories are a foundational step for practical privacy compliance, enabling organizations to understand what personal data they collect, how it is used, where it is stored, and with whom it is shared. A well-maintained inventory supports legal obligations,…
At the 2026 IAPP Global Privacy Summit, regulators and experts emphasized that privacy compliance must move from theory to operational practice, especially as AI and data use grow more complex. Key themes included increased state-level AI regulation focused on…
State regulators are increasing scrutiny of foreign data transfers, especially involving sensitive personal data like biometric, location, and health information. With no comprehensive federal privacy law, states are stepping up enforcement and targeting companies…
Oklahoma enacted the Oklahoma Consumer Data Privacy Act, signed on March 20, 2026, which takes effect January 1, 2027, adding the state to the growing list of comprehensive privacy regimes. The law applies to businesses meeting specific data‑processing thresholds and…
U.S. businesses face growing challenges in complying with a rapidly expanding patchwork of state consumer privacy laws, due to the absence of a single federal framework. While many states share similar core consumer rights, key differences in definitions, thresholds,…
The California Consumer Privacy Act (CCPA), a law giving California residents greater control over their personal data. There are key consumer rights, including the ability to access, delete, and opt out of the sale of their information. Businesses must comply with…
A new US Data Privacy Guide explains how U.S. privacy law is evolving into a state-driven, patchwork system rather than a single federal framework. It highlights that there is still no comprehensive federal privacy law, so regulation is largely enforced through state…
Employers can access significant employee data, but legal limits depend on context, purpose, and jurisdiction. U.S. employers generally have broad rights to monitor workplace systems and collect job-related information, especially with clear policies reducing…
Connecticut’s 2025 enforcement report on the Connecticut Data Privacy Act (CTDPA) highlights increasing regulatory expectations for businesses handling personal data. The report identifies common consumer complaints, including failures to honor data rights requests,…